Use these bookmarks
to jump around the tutorial:

Response.Cookies:
Memorizing Stuff About the User

Everyone loves cookies,
right?

In web development
cookies can be a very handy tool. Here's how cookies work:

Cookies, as you probably
already know, are small files that are stored on the user's computer. They are
used by web developers to store all sorts of basic information such as names,
dates, preferences, ID numbers, etc.

By storing some basic
information on the user's computer in the form of a cookie, a developer can have
his web pages reference his own special cookie to retrieve information that
would be incorporated into the site. For example, you could store a user's name
in a cookie and display it on your pages each time the user visits. You could
also store the date of the last visit and let the user know how long it has been
since they last visited.

Important!

Even though you
can store almost any information you want in a cookie, there are some
things you should NEVER put there.
Anything that could be considered sensitive personal information should
never be stored in a cookie. Things like credit card numbers, social
security numbers, government identification numbers or any other
information that could be used illegally should be avoided.

Since
cookies are stored directly on a user's machine, you have absolutely no
control over the information that you store there once the user has left
your site. If they are not protected by a firewall or their computer is
otherwise compromised, any sensitive information that you store there in
the form of a cookie could easily be stolen.

Now that you know what a
cookie is all about, here's how it works:

<% Option Explicit %>

<% Response.Cookies("MyCookie")
= Date( ) %>

<% Response.Cookies("MyCookie").Expires
=

DateAdd("m",6,Date( )) %>

Now let's break it down.

First, you will notice
Response.Cookies in the first line after Option Explicit. This tells the
server that you are sending a cookie to the user's browser. Next, you will see "MyCookie"
in parentheses. This gives your cookie a unique name. Always be sure to give
your cookie as unique of a name as possible. If you don't pick a unique name it
is possible for your cookie to be overwritten by another site's cookie of the
same name if it happens to be on the same server as you. The last thing we do
then is to set your the equal to a value which, in this case, is today's date.
You can also store strings, integers or decimals here.

In the next line you
will notice something a bit different. We have added .Expires to the
Response.Cookies. This simply writes an expiration date directly into the
cookie. By using an expiration date, the cookie is automatically deleted after x
number of days, month or even years. If you don't give the cookie an expiration,
the cookie is considered temporary and will only last as long as the user's
session. Now, to set the expiration date we used one of those great little
functions that I told you about earlier. We use the DateAdd( ) function to add
six months to today's date and make that the expiration. How's that for easy?

What about storing more
than one value in a cookie?

No problem. If you have
more than one value to store in a cookie, your Response.Cookies will look
like this:

<% Response.Cookies("MyCookie")("last_visit")
=

Date( ) %>

By adding ("last_visit")
you have given the value you are storing its own unique name within the cookie.
This way you can store as many different pieces of information in the cookie as
you like because they all will have a unique name. Keep in mind, though, cookies
are not intended to be a miniature database on a user's computer. The more
information that you store in the cookie, the more information that has to be
passed back and forth between the user and the server. This can significantly
slow down your application's processing speed, not to mention the information
stored in cookies is by no means safe and secure.

Now, there is one other
item that I want to show you:

<% Response.Cookies("MyCookie").Domain
=

"MyDomain.com" %>

This sets a value for
you cookies that uniquely identifies it with your domain name. It makes it much
less likely for your cookie to accidentally be overwritten by another site on
your server since it is uniquely identified with your domain.

I promised you a
practical example in each installment of this series. Well, this particular
practical example will be in two parts. The first part takes all of the examples
above and combines them:

<% Option Explicit %>

...

<% Response.Cookies("MyCookie")("last_visit")

= Date( ) %>

<% Response.Cookies("MyCookie").Expires
=

DateAdd("m",6,Date( )) %>

<% Response.Cookies("MyCookie").Domain
=

"MyDomain.com" %>

If you make changes to
the cookie name and domain name above you will be able to plug this in to your
home page or any other page. You will have then created a cookie that stores the
last date that the user visited your site.

In the next installment
of this series we will show you how to retrieve that date and welcome the user
back with the time elapsed since their last visit.

Tip

If you ever sell your
computer be sure to always erase all cookies on your machine. Often
cookies will store unique site ID numbers that give you automatic access
to online accounts. By erasing all cookies you will eliminate the chance
that someone will be able to access online information that you don't want
them to see. Odds are the person that buys your computer would never
stumble across the same sites where you have an account or do anything
harmful if they did, but you never know.